For When You Can't Have The Real Thing
[ start | index | login ]
start > CentOS > 7 > DSA SSH Hostkeys

DSA SSH Hostkeys

Created by dave. Last edited by dave, 6 years and 284 days ago. Viewed 2,091 times. #1
[edit] [rdf]


I have a stone-age host monitor thing that is complaining that it can't find agreeable SSH host keys from my CentOS 7 server. Turns out it requires DSA host keys and won't use the other host keys that are available. CentOS 7 by default does not generate DSA host keys because DSA is old and busted.


In /etc/ssh/sshd_config:

HostKey /etc/ssh/ssh_host_dsa_key


# ssh-keygen -t dsa -N '' -f /etc/ssh/ssh_host_dsa_key
# chgrp ssh_keys /etc/ssh/ssh_host_dsa_key 
# systemctl restart sshd

Search Engine Bait

Protocol Error: can not agree hostkey

no comments | post comment
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful: | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt